Juniper SRX 5800
Juniper SRX 5800
The award-winning SRX5800 Services Gateway supports more than 120 Gbps firewall and 30 Gbps IPS, as well as 350,000 connections per second and an industry record-breaking 10 million concurrent user sessions. Equipped with a full range of integrated security features, the massively scalable SRX5800 Services Gateway is ideal for securing large enterprise data centers, hosted or co-located data centers, and service provider infrastructures.
The SRX5800 Services Gateway is the market-leading security solution supporting up to 300 Gbps firewall, 100 million concurrent sessions, 100 Gbps IPS, and 450,000 connections per second. Equipped with the full range of security services, SRX5800 is ideally suited for securing large enterprise, hosted or co-located data centers, service provider core and cloud provider infrastructures, and mobile operator environments. The massive performance, scalability, and flexibility of the SRX5800 makes it ideal for densely consolidated processing environments, and the service density make it ideal for cloud and managed service providers.
Juniper Networks SRX Series Services Gateways are next-generation security platforms based on a revolutionary architecture offering outstanding protection, performance, scalability, availability, and security service integration. Custom designed for flexible processing scalability, I/O scalability, and services integration, the SRX Series exceeds the security requirements of data center consolidation and services aggregation. The SRX Series is powered by Junos OS, the same industry-leading operating system platform that keeps the world’s largest networks available, manageable, and secure for the data center.
The Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways are next-generation security platforms based on a revolutionary architecture that provides marketleading performance, scalability, and service integration. These devices are ideally suited for service provider, large enterprise, and public sector networks, including:
+ Cloud and hosting provider data centers
+ Mobile operator environments
+ Managed service providers
+ Core service provider infrastructures
+ Large enterprise data centers
Based on Juniper’s dynamic services architecture, the SRX5000 line provides unrivaled scalability and performance. Each services gateway can support near linear scalability, with the addition of Services Processing Cards (SPCs) enabling a fully equipped SRX5800 to support up to 300 Gbps firewall throughput. The SPCs are designed to support a wide range of services, enabling future support of new capabilities without the need for servicespecific hardware. Using SPCs on all services ensures that there are no idle resources based on specific services being used—maximizing hardware utilization.
The scalability and flexibility of the SRX5000 line is supported by equally robust interfaces. The SRX5000 line employs a modular approach to interfaces, where each platform can be equipped with a flexible number of input/output cards (IOCs) that offer a wide range of connectivity options—from 1GbE to 100GbE interfaces. With the IOCs sharing the same interface slot as the SPCs, the gateway can be configured as needed to support the ideal balance of processing and I/O. Hence, each deployment of the SRX Series can be tailored to specific network requirements. With this flexibility, the SRX5800 can be configured to support more than 400GbE ports, or 220 10GbE, 22 100GbE, or 44 40GbE ports.
The scalability of both SPCs and IOCs in the SRX5000 line is enabled by the custom designed switch fabric. Supporting up to 960 Gbps of data transfer, the fabric enables realization of maximum processing and I/O capability available in any particular configuration. This level of scalability and flexibility facilitates future expansion and growth of the network infrastructure, providing unrivaled investment protection.
The tight service integration on the SRX Series is enabled by Juniper Networks Junos operating system. By combining the routing heritage of Junos OS and the security heritage of ScreenOS, the SRX Series is equipped with a robust list of services that include firewall, intrusion prevention system (IPS), denial of service (DoS), application security, Network Address Translation (NAT), and quality of service (QoS). In addition to the benefit of individual services, incorporating multiple security and networking services within one OS greatly optimizes the flow of traffic through the platform. Network traffic no longer needs to be routed across multiple data paths/cards or even disparate operating systems within a single gateway.
Junos OS also delivers carrier-class reliability to the already redundant SRX Series. The SRX Series enjoys the benefit of a single source OS, and single integrated architecture traditionally available on Juniper’s carrier-class routers and switches.
Specification
| STT | Model | SRX5800 |
| 1 | Performance and Capacity | |
| Junos OS version tested | Junos OS 18.2 | |
| Firewall performance, IMIX | 1 Tbps | |
| Express Path Firewall Performance, IMIX | 240 Gbps per IOC3 480 Gbps per IOC4 | |
| Next-Generation Firewall Performance | 400 Gbps | |
| Latency (stateful firewall) | ~32µsec | |
| AES256+SHA-1 IMIX VPN performance | 230 Gbps | |
| Maximum IPsec power mode performance (IKEv2 AES256, IMIX) | 530 Gbps | |
| Maximum IPS performance | 860 Gbps | |
| Maximum concurrent sessions | 338,000,000 | |
| New sessions/second (sustained, tcp, 3way, firewall NAT) | 6.3/4 Million | |
| IPSec VPN (Site-to-site & Tunel Intterfaces) | 15,000 | |
| Maximum user supported | Unrestricted | |
| 2 | Network Connectivity | |
| Maximum available slots for IOCs | 11 | |
| IOC4 options (SRX5K-IOC4-MRAT; SRX5K-IOC4-10G) | 40x10GbE SFP+ or 12xQSFP+/QSFP28 multirate | |
| IOC3 options (SRX5K-MPC3-100G10G; SRX5K-MPC3-40G10G) | 2x100GbE CFP2 and 4x10GbE SFP+ or 6x40GbE QSFP+ and 24x10GbE SFP+ | |
| IOC2 options (SRX5K-MPC) | Supports 2 pluggable MIC modules per card. MICs can be mixed from the following models: 20 x 1GbE SFP (SRX-MIC-20GE-SFP) 10 x 10GbE SFP+ (SRX-MIC-10XG-SFPP) 2 x 40GbE QSFP (SRX-MIC-2X40G-QSFP) 1 x 100GbE CFP (SRX-MIC-1X100G-CFP) | |
| 3 | Processing Scalability | |
| Maximum available slots for SPCs | 8 | |
| Services Process Card (SPC) options | SPC3: Quad 14 core Intel CPU complexes | |
| 4 | Virtualization | |
| Maximum custom routing instances with data plane separation | 2000 | |
| Maximum security zones | 2000 | |
| Maximum virtual firewalls with data plane and administrative separation (logical/tenant systems) | 500 | |
| Additional off-platform virtual firewall option with Juniper Networks vSRX Virtual Firewall (VM based) | Unlimited | |
| Maximum number of VLANs | 4096 | |
| 5 | Dimensions and Power | |
| Dimensions (W x H x D) | 17.5 x 27.8 x 23.5 in (44.5 x 70.5 x 59.7 cm) | |
| Weight | Fully Configured: 334 lb (151.6 kg) | |
| Power supply (AC) | 200 to 240 VAC | |
| Power supply (DC) | -40 to -60 VDC | |
| Maximum power | 8,200 W (AC high capacity) | |
| Typical Power | 5015 W | |
| 6 | Environmental | |
| Operating temperature – long term | 41° to 104° F (5° to 40° C) | |
| Operating temperature – short term | 23° to 131° F (-5° to 55° C) | |
| Humidity – long term | 5% to 85% noncondensing | |
| Humidity – short term | 5% to 93% noncondensing but not to exceed 0.026 kg water/kg of dry air | |
| 7 | Certifications | |
| Safety certifications | Yes | |
| Electromagnetic Compatibility (EMC) certifications | Yes | |
| RoHS2 Compliant (European Directive 2011/65/EU) | Yes |
Subscriptions
|
Licensed Software Feature |
Supported Devices |
Model Number |
|---|---|---|
|
Application Security, Intrusion Prevention Signatures, Enhanced Web Filtering, Antivirus and Sky Advanced Threat Prevention (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-ATP-BUN-1 SRX5800-ATP-BUN-3 SRX5800-ATP-BUN-5 |
|
Application Security, Intrusion Prevention Signatures, Enhanced Web Filtering, Antivirus and Antispam (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-CS-BUN-1 SRX5800-CS-BUN-3 SRX5800-CS-BUN-5 |
|
Sky Advanced Threat Prevention Threat Intelligence Feeds only (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-THRTFEED-1 SRX5800-THRTFEED-3 SRX5800-THRTFEED-5 |
|
Application Security and Intrusion Prevention Signature (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-APPSEC-A-1 SRX5800-APPSEC-A-3 SRX5800-APPSEC-A-5 |
|
Sky Advanced Threat Protection (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-ATP-1 SRX5800-ATP-3 SRX5800-ATP-5 |
|
Logical System License (1, 5, and 25 Incremental) |
SRX5800 |
SRX-5800-LSYS-1 SRX-5800-LSYS-5 SRX-5800-LSYS-25 |
|
Enhanced Web Filtering (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5800-W-EWF-1 SRX5800-W-EWF-3 SRX5800-W-EWF-5 |
|
Intrusion Detection and Prevention (1 year, 3 years and 5 years subscription) |
SRX5800 |
SRX5K-IDP SRX5K-IDP-3 SRX5K-IDP-5 |
Specs
System Performance
| Firewall throughput | 1 Tbps |
| Firewall Latency | -32 us |
| Firewall IMIX | 1 Tbps |
| Concurrent connections | 338.000.000 |
| New connections/sec | 6.300.000 |
| IPS throughput | 860 Gbps |
| NGFW Throughput | 400 Gbps |
| IPSec VPN throughput | 530 Gbps |
Physical interfaces
| GE SFP Slots | 40x10GbE SFP+ or 12xQSFP+/QSFP28 multirate |
Dimensions & Enviroment
| Dimensions Width x Depth x Height (inches) | 17.5 x 27.8 x 23.5 inches |
| Dimensions Height x Width x Length (mm) | 44.5 x 70.5 x 59.7 cm |
| Weight | 334 lbs (151.6 kg) |
| Power supply | 200-240 VAC |
| Power Consumption | 8200 W |
| Operating Temperature | 41-104 F |
| Humidity | 5-85% non-condensing |
| Certifications | UL 60950-1, FCC Class B, TIA-968, ICES Class B, CS-03, AS/NZS 60950-1, AS/NZS CISPR22 Class B, AS/ACIF S 002, S 016, S 043.1, S 043.2, PTC 217, PTC 273, VCCI Class B, EN 300 386, CTR 12/13, CTR 21 DoC, NIST FIPS-140-2 Level 2, ISO Common Criteria NDFP+TFFW EP, USGv6 |
Wireless Specification (XG Wireless only)
Product Certifications
Documentation
Videos
